Lots of great comments, thank you. Also, thank you the link to the AndroidPolice article, it appears like a step in the right direction, although it needs some fine-tuning.
As for scaring off Google, developers, and consumers, here's a possible solution: Google/Developer ads: Android should have a "system application" which is installed in Android by default to manage Ads and it's network usage. The application should allow for "ad providers", of which you need to be a trusted advertiser to be added to the provider list. Of course this provider list is not displayed to end-user, and neither is the application itself, it's transparent. The provider list is updated from Google every so often. I say use a provider list, so that Google doesn't get lawsuits from other ad vendors. If the ad vendor is legit, they can request being added as an ad provider on Android. Applications which use ads, would call this Android application to display their ads to the user within the application. The application itself will not require network access, as the ads system app manages all that. Problem solved! Consumers being scared off like what Vista's UAC did: Android will obviously have this as a "security feature", which like any firewall, can be turned off. A great way to prevent too much user confusion, is that app developers can register their permissions with Google Play, which keeps a list of "top developers", which are known not to abuse permissions. Apps downloaded from these well known sources will default to being open, however advanced users will be free to revoke perms for these apps if needed. Play Market already keeps a list of "top developers" and ones which are trustworthy, so using this list to provide a set of defaults for end-users shouldn't be much of a problem. Now, if a consumer wants to download an app which is not verified, it can provide a basic set of perms which most apps should use lawfully. Say, if an unverified app wants to send a text message, or call a phone number on your behalf. Prompt the user that the application is about to do this, and ask if the user would like to proceed or block the app from doing this in the future. Most consumers should know what a phone number is, and if it will cost them money. Actually, every consumer which owns a phone in this day and age should know, it's common sense that a 900# is going to cost ya. I believe the problem with past implementation was that it was implemented wrong, or not thought out too well. Users did get used to UAC eventually, and now it's the norm on Windows PC, OS X, and Linux. It never stopped sales of Windows, people still bought Vista(although not as much), and definitely bought Windows 7. Give end-users some credit here, not all of them are going to run the other direction, and neither are developers. As platform developers and security enthusiasts, we need to think about the future. Malware, viruses, and hackers are only going to get worse. On Tue, Jul 24, 2012 at 1:32 PM, Nathaniel Husted <[email protected]> wrote: > I think it is also worth noting that while those of us who are > knowledgeable about permissions (we're members of the android security > discussion mailing list obviously) could be make use of such a tool, > it is difficult to extend that to the wider Android community as a > whole. It's readily apparent that users have a hard enough time > understanding permissions and the risks they entail in general, let > alone be able to make an informed choice about how to limit them with > certain applications. While it's certainly a solution I'd love to see, > it's not necessarily something that I could see being a default system > in the AOSP mainline or Google's internal repo. > > I think it's also worth mentioning, as I put on my Faraday cage > headgear, that such a system would most likely destroy (or greatly > harm) the free application ad-based app economy (as well as Google's > cut of that revenue). > > Cheers, > Nathaniel > > On Tue, Jul 24, 2012 at 11:15 AM, Dominik Schürmann > <[email protected]> wrote: >> Hi, >> >> I don't think Google will implement this at any time, as it does not >> provide real value to Android and will scare off some developers. In my >> opinion you are right and we need a usable solution for permission >> management. >> >> On 24.07.2012 20:50, Kevin Veroneau wrote: >>> If XDA developed such a system into their custom ROMs, I would forever >>> move over to a 3rd party ROM from XDA and forget about official google >>> ROMs, as this is a needed security feature in Android or any mobile >>> device for that matter. This device stores our personal information >>> for crying out loud, and the way security is handled in Android is >>> absolutely archaic and needs to change NOW! >> >> >> See PDroid: http://forum.xda-developers.com/showthread.php?t=1357056 >> >> Regards >> Dominik >> > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
